Papers
Topics
Authors
Recent
Search
2000 character limit reached

Detecting Forged Kerberos Tickets in an Active Directory Environment

Published 30 Dec 2022 in cs.CR, cs.CY, and cs.NI | (2301.00044v1)

Abstract: Active Directory is the most popular service to manage users and devices on the network. Its widespread deployment in the corporate world has made it a popular target for threat actors. While there are many attacks that target Active Directory and its authentication protocol Kerberos, ticket forgery attacks are among the most dangerous. By exploiting weaknesses in Kerberos, attackers can craft their own tickets that allow them to gain unauthorized access to services on the network. These types of attacks are both dangerous and hard to detect. They may require a powerful centralized log collecting system to analyze Windows security logs across multiple services. This would give additional visibility to be able to find these forged tickets in the network.

Citations (2)

Summary

No one has generated a summary of this paper yet.

Paper to Video (Beta)

No one has generated a video about this paper yet.

Whiteboard

No one has generated a whiteboard explanation for this paper yet.

Open Problems

We haven't generated a list of open problems mentioned in this paper yet.

Continue Learning

We haven't generated follow-up questions for this paper yet.

Collections

Sign up for free to add this paper to one or more collections.